The internet is a strange and wondrous place, but it is constantly changing. It’s hard to keep up. We are here to help by explaining “what does that mean?”
Internet security has been in the news for months. From hacked credit bureaus to foreign interference in elections, the entire world recognizes how vulnerable data can be. For websites, the first line of defense against data breaches is encryption. Most of the time, that is handled through an SSL Certificate.
What are they?
An SSL Certificate is essentially bits of code that are installed on a server for the purpose of protecting the data transacted on a website. In simple terms, it keeps anything sent or received between the website server and the person sending/receiving the information encrypted and safe. SSL stands for Secure Socket Layer and is actually an older security technology invented by Netscape that is no longer in use on servers replaced by TLS (Transport Layer Security) a number of years ago. But the certificates used on websites are still referred to as an SSL Certificate. The certificate communicates with the security on the server to encrypt and protect data.
How do you know if someone has one?
Domain names with SSL protection use https instead of http. So, https://sitemender.com instead of https://sitemender.com. Browsers will often have a small lock icon either in the line with the URL or on the frame of the browser. On Google Chrome, it will also say “SECURE” next to the domain name in green.
What happens if I go to https but there isn’t a certificate installed?
You will get a warning from your browser that the site you are trying to visit isn’t secure unless the website has been configured to force you to go to the non-https version. This also happens if the certificate has expired and you will receive a warning.
How do you get them?
Most domain name providers and many hosting companies sell them. They run anywhere from $20 to $200 or more per year depending upon how complex the encryption level. For many years, they could only be coded to single IP Address, but in recent years shared SSL Certificates have emerged as an easier and cheaper option. One certificate covers an entire server rather than a single domain name. Purchased certificates must be renewed annually or they expire and your visitors may see warnings or even not be able to reach your website.
Why are they important?
In addition to protecting data and information, they help authenticate a website, which is good for Google’s search results. It also breeds trust for people using your website because they know anything they do there is protected by a trusted third party.
Don’t I only need them if I sell things online?
If you use any kind of e-commerce that includes sales transactions, you MUST have an SSL Certificate to protect your customer’s data. However, it can be extremely beneficial for websites without e-commerce as well. Encryption protects downloads, email forms and even individual files on your server. That is in addition to the boost it gives you from improved search results.
So, should I get an SSL Certificate or what?
Probably. Not everyone needs one. Basic websites with little or no interactivity don’t really need them. But everyone CAN have them and any tool that improves search and secures your data isn’t a bad thing.
There are plenty of resources out there for acquiring and maintaining your SSL Certificate. We can even provide it as part of your website maintenance and web hosting. We help our clients with security issues nearly every day. If you are confused, contact us today and we’ll help you figure it out.